Yes, I can shed some light on this: I've been busy going through every Tcl file in OpenACS and adding security checks everywhere. It's taken a while, and there's a little bit left to do, but it's almost there. We're talking about a very different level of security between 3.2.2 and 3.2.4.
However, changing every Tcl file means I need massive help. In general, the only bugs potentially introduced involve verifying an argument to a page that is optional, thus causing an error. Get the latest CVS and help test, please!! Hopefully OpenACS 3.2.4 will be ready by end of week.